CNNVD-202601-1836 Information

CNNVD ID

CNNVD-202601-1836

Related CVE

CVE-2025-63314

• CNNVD Published: 2026-01-12

Description (Chinese)

DDSN Interactive Acora CMS是DDSN Interactive公司的一个企业网络和移动 CMS。 DDSN Interactive Acora CMS v10.7.1版本存在安全漏洞，该漏洞源于密码重置功能使用静态令牌，可能导致通过重放攻击进行账户接管。

Description (English)

DDSN Interactive Acora CMS is an enterprise network and mobile CMS of DDSN Interactive. There is a security loophole in version DDSN Interactive Acora CMS v10.7.1 which results from the use of static tokens for the password replacement function, which may lead to the taking over of the account through re-allocation attacks.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

DDSN Interactive

Published

2026-01-12

Last Modified

2026-02-24

References

https://github.com/padayali-JD/CVE-2025-63314 http://acora.com http://ddsn.com https://access.redhat.com/security/cve/cve-2025-63314